last sync: 2022-Sep-27 16:35:32 UTC

Azure Policy definition

[Preview]: Kubernetes clusters should gate deployment of vulnerable images

Name [Preview]: Kubernetes clusters should gate deployment of vulnerable images
Id 13cd7ae3-5bc0-4ac4-a62d-4f7c120b9759
Version 2.0.0-preview
Category Kubernetes
Description Protect your Kubernetes clusters and container workloads from potential threats by restricting deployment of container images with vulnerable software components. Use Azure Defender CI/CD scanning and Azure Defender for container registries to identify and patch vulnerabilities prior to deployment. Evaluation prerequisite: Policy Addon and Azure Defender Profile. Only applicable for private preview customers.
Mode Microsoft.Kubernetes.Data
Type BuiltIn
Preview True
Deprecated FALSE
Effect Default: Audit
Allowed: (Audit, Deny, Disabled)
Used RBAC Role none
Rule Aliases
Rule ResourceTypes IF (1)
| Date/Time (UTC ymd) | Change type | Change detail |
|---|---|---|
| 2022-07-08 16:32:07 | change | Major, suffix remains equal (1.0.3-preview > 2.0.0-preview) |
| 2022-03-11 18:16:48 | change | Patch, suffix remains equal (1.0.2-preview > 1.0.3-preview) |
| 2021-12-06 22:17:57 | change | Patch, suffix remains equal (1.0.1-preview > 1.0.2-preview) |
| 2021-11-12 16:23:07 | change | Patch, new suffix: preview (1.0.0 > 1.0.1-preview) |
| 2021-10-04 15:27:15 | change | Version remains equal, old suffix: preview (1.0.0-preview > 1.0.0) |
| 2021-09-27 15:52:17 | add | 13cd7ae3-5bc0-4ac4-a62d-4f7c120b9759 |
Used in Initiatives
| Initiative DisplayName | Initiative Id | Initiative Category | State | Type |
|---|---|---|---|---|
| Azure Security Benchmark | 1f3afdf9-d0c9-4c3d-847f-89da613e70a8 | Security Center | GA | BuiltIn |
| SOC 2 Type 2 | 4054785f-702b-4a98-9215-009cbd58b141 | Regulatory Compliance | GA | BuiltIn |